Passed CISSP this afternoon
Well 'this afternoon' UK time!
Way back in 2004 I'd thought about sitting the exam. After 9/11 it had been originally thought that the IT Security industry would expand exponentially. It did, but so too did my then-side of the IT business, and hence I was lost to Open Systems - AIX, Linux, HP-UX and Solaris. I'd even purchased the Krutz/Vines The CISSP Prep Guide the same year, but never cracked it open.
As it is in the last decade I had increasingly gravitated to IT Security roles and mid-this-year, after realizing I had more IT Security than Unix sysadmin on my cv, I thought I really should commit to the industry I'd been working in long enough. In July I purchased the 6th Edition of CISSP All In One (from the now sadly passed away Shon Harris), and secured a role as a developer for a SIEM project, thinking it would make studying a little easier than the endless hours that 'ops' attracts.
Even then I wasn't quite sure. The 10 domains of the CBK incorporate nothing of my two particular specializations, namely psychology/human factors (ergonomics), reflected in the new Cyber Security and Human Factors Masters course at Bournemouth University in the south of England. Perhaps I might be able to persuade ISC2 to add an 11th domain to the CBK in the future!
I thoroughly enjoyed the study though; some domains I'd hardly had any dealings with, such as Physical & Environmental Security and much of Governance, and it was a useful exercise to add to my knowledge. In addition to the All In One, I purchased the add-on CISSP Practise Exams, 11th Hour CISSP, and I already had some EC-Council books, such as the excellent Network Defense: Security Policy and Threats, and some Unix and Windows security publications. I had decided not to do a boot camp/course, principally because I didn't want to study just for the exam, but rather I wanted to enhance the knowledge and experience I already had. I also paid for the CCure quizzes, and found them to be essential - useful for highlighting areas of weakness.
So today I attended a rather busy Pearson test center. Unlike tchoki who posted today, I didn't sail through the test. I needed a good five hours to complete the 250 questions and I left an hour to review the answers, and even then didn't review the last 50+!
Nonetheless, despite the time taken, there were no 'trick' questions. Some questions required a bit of judgement, and I found that the test had some lengthy 'runs' of these, followed by a batch of 'easy' questions. For these I found it useful to read the question, decide what the answer was in my head, and then look at the provided answers. If my original assertion was there, in went the tick, confidently.
About three hours-in I really was in need of a strong coffee. Not to be though in a test center! I plowed-on, and in my review of (just the 200-odd) questions, changed two or three answers. With just over five minutes left I gave up performing anymore checking and closed the exam.
A matter of minutes later and I had an A4 ISC2 sheet confirming a pass. What a nice Xmas present!
Way back in 2004 I'd thought about sitting the exam. After 9/11 it had been originally thought that the IT Security industry would expand exponentially. It did, but so too did my then-side of the IT business, and hence I was lost to Open Systems - AIX, Linux, HP-UX and Solaris. I'd even purchased the Krutz/Vines The CISSP Prep Guide the same year, but never cracked it open.
As it is in the last decade I had increasingly gravitated to IT Security roles and mid-this-year, after realizing I had more IT Security than Unix sysadmin on my cv, I thought I really should commit to the industry I'd been working in long enough. In July I purchased the 6th Edition of CISSP All In One (from the now sadly passed away Shon Harris), and secured a role as a developer for a SIEM project, thinking it would make studying a little easier than the endless hours that 'ops' attracts.
Even then I wasn't quite sure. The 10 domains of the CBK incorporate nothing of my two particular specializations, namely psychology/human factors (ergonomics), reflected in the new Cyber Security and Human Factors Masters course at Bournemouth University in the south of England. Perhaps I might be able to persuade ISC2 to add an 11th domain to the CBK in the future!
I thoroughly enjoyed the study though; some domains I'd hardly had any dealings with, such as Physical & Environmental Security and much of Governance, and it was a useful exercise to add to my knowledge. In addition to the All In One, I purchased the add-on CISSP Practise Exams, 11th Hour CISSP, and I already had some EC-Council books, such as the excellent Network Defense: Security Policy and Threats, and some Unix and Windows security publications. I had decided not to do a boot camp/course, principally because I didn't want to study just for the exam, but rather I wanted to enhance the knowledge and experience I already had. I also paid for the CCure quizzes, and found them to be essential - useful for highlighting areas of weakness.
So today I attended a rather busy Pearson test center. Unlike tchoki who posted today, I didn't sail through the test. I needed a good five hours to complete the 250 questions and I left an hour to review the answers, and even then didn't review the last 50+!
Nonetheless, despite the time taken, there were no 'trick' questions. Some questions required a bit of judgement, and I found that the test had some lengthy 'runs' of these, followed by a batch of 'easy' questions. For these I found it useful to read the question, decide what the answer was in my head, and then look at the provided answers. If my original assertion was there, in went the tick, confidently.
About three hours-in I really was in need of a strong coffee. Not to be though in a test center! I plowed-on, and in my review of (just the 200-odd) questions, changed two or three answers. With just over five minutes left I gave up performing anymore checking and closed the exam.
A matter of minutes later and I had an A4 ISC2 sheet confirming a pass. What a nice Xmas present!
Comments
-
Spin Lock
Member Posts: 142
It doesn't matter if you took 2 hours or 6 - a pass is a pass! Congratulations! -
impelse
Member Posts: 1,237 ■■■■□□□□□□
CongratsStop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
voodoo26
Member Posts: 56 ■■□□□□□□□□
Congrats !!!2014 Goals CISSP COLOR=#008000]Passed[/COLOR, 2015 Goals CISM COLOR=#ff0000]June[/COLOR -
dark3d
Member Posts: 76 ■■□□□□□□□□
Congrats!
Thanks for documenting your experience. I have a week left before I sit and I'm a little nervous. Reading your background helps.CISSP - January 2015
WGU B.S. IT - Security (2/1/2015-6/16/2015)
Working on: MSISA/Radware/Fortinet/Juniper/PAN -
smoten
Member Posts: 33 ■■■□□□□□□□
Congratulation on achieving such a great milestone, I am also targeting in 2nd week of Jan, can you please guide me which practice QA is best for last minute preparation, also any feedback for TRANSCENDER is it worth to buy.
-
EasyPeezy
Member Posts: 111 ■■■□□□□□□□
Well done...2015 Goals: ISO27001:Lead Auditor COLOR=#FF0000]Passed[/COLOR...
2016 Goals: M.Sc Cyber Security :study:, ITILF COLOR=#FF0000]Passed[/COLOR, COBIT5 F COLOR=#ff0000]Feb[/COLOR][COLOR=#ff0000].[/COLOR, CGEITCOLOR=#ff0000]Jun[/COLOR][COLOR=#ff0000]. ???[/COLOR, CIPMCOLOR=#ff0000]???[/COLOR -
DirtyData
Member Posts: 14 ■■■□□□□□□□
Way to go! Just starting my studies so I appreciate the inspiration.
